CLSA-2025-1737568622 rsync: Fix of CVE-2024-12085
CVE-2024-12085: fix to prevent information leak off the stack...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in ptrace for the ARM64 architecture that fails to initialize the temporary variable fpmr when processing...
RLSA-2024:11299 Important: gstreamer1-plugins-good security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fixes: gstreamer1-plugins-good: uninitialized stack memory in...
gstreamer1-plugins-good: uninitialized stack memory in Matroska/WebM demuxer
A flaw was found in the Matroska/WebM demuxer in the GStreamer library. Processing a specially crafted input file can cause the usage of uninitialized stack memory, allowing calls to uninitialized function pointers, potentially resulting in code execution or an application crash...
Important: Red Hat Security Advisory: gstreamer1-plugins-good security update
An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: gstreamer1-plugins-base and gstreamer1-plugins-good security update
An update for gstreamer1-plugins-base and gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives...
Important: Red Hat Security Advisory: gstreamer1-plugins-good security update
An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
RHEL 8 : gstreamer1-plugins-good (RHSA-2024:11149)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:11149 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-good packages conta...
Important: Red Hat Security Advisory: gstreamer1-plugins-good security update
An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: gstreamer1-plugins-good security update
An update for gstreamer1-plugins-good is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...
CVE-2024-47540 GHSL-2024-197: GStreamer uses uninitialized stack memory in Matroska/WebM demuxer
GStreamer is a library for constructing graphs of media-handling components. An uninitialized stack variable vulnerability has been identified in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. When size allocator-memunmapfull or mem-allocator-memunmap. This vulnerability coul...
SUSE CVE-2024-50227
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan(). KASAN reported following issue: BUG: KASAN: stack-out-of-bounds in tb_retimer_scan+0xffe/0x1550 thunderbolt Read of size 4 at addr ffff88810111fc1c by task...
UBUNTU-CVE-2024-50163
In the Linux kernel, the following vulnerability has been resolved: bpf: Make sure internal and UAPI bpf_redirect flags don't overlap. The bpf_redirect_info is shared between the SKB and XDP redirect paths, and the two paths use the same numeric flag values in the ri->flags field specifically,...
The vulnerability of the RtsPer.sys and RtsUer.sys drivers of Realtek SD card readers, related to memory release errors, allows an attacker to gain access to the kernel’s stack memory and dynamic memory.
The vulnerability of the RtsPer.sys and RtsUer.sys drivers of Realtek SD card readers is related to memory release errors. Exploiting this vulnerability can allow an attacker to gain access to kernel memory from the stack and dynamic memory...
CentOS 7 : kernel-alt (RHSA-2020:0740)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0740 advisory. - A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an...
UBUNTU-CVE-2024-46734
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the other is doing fsync, we have a race where we c...
Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun DoS', 'Description' = %q This module exploits a buffer underrun vulnerability in Microsoft's...
CVE-2024-33657
This SMM vulnerability affects certain modules, allowing privileged attackers to execute arbitrary code, manipulate stack memory, and leak information from SMRAM to kernel space, potentially leading to denial-of-service attacks...